Well,
From what I seen from every mail exchanged:
1.st Origin IP: 172.16.2.100
2.st Origin IP: Outside 172.16.2.X network
Destination IP: 203.187.192.14
<mailto:[EMAIL PROTECTED]>
Origin Email: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
Destination Email: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
TCPSERVER RULES:
172.16.2.:allow,RCPTCHECK="",SMTPAUTH="",LOGLEVEL="3"
:allow,RELAYCLIENT="",RCPTCHECK="",SMTP500DISCONNECT="",RETURNMXCHECK="",SANITYCHECK="",BLOCKRELAYPROBE="",TARPITCOUNT="20",TARPITDELAY="3000",SMTPAUTH="",LOGLEVEL="3"
Changed later to:
172.16.2.:allow,SMTPAUTH="",LOGLEVEL="3"
:allow,SMTPAUTH="",LOGLEVEL="3"
AUTH is being announced but not used:
220 sumail02.iqara.net ESMTP
EHLO dude
250-sumail02.iqara.net
250-PIPELINING
>>>>>>>>>>>>>>>>>>>>>> 250-AUTH LOGIN PLAIN
@40000000429c002b3975d4cc tcpserver: status: 0/200
@40000000429c00361390df7c tcpserver: status: 1/200
@40000000429c003613a939dc tcpserver: pid 24886 from 172.16.2.100
@40000000429c003613c18884 tcpserver: ok 24886
sumail02.iqara.net:203.187.192.14:25 :172.16.2.100::1974
@40000000429c003614487b64 qmail-smtpd 24886: connection from
172.16.2.100 (unknown) to sumail02.iqara.net
>>>>>>>>>>>>>>>>>>>>>> @40000000429c0036144965c4 qmail-smtpd 24886:
enabled options: rcptcheck smtp-auth
Questions :
Have you rebuilt the /etc/tcp.smtp.cdb file after modification of
the rules file? probably yes.
Can you show us the /var/qmail/bin/qmail-showctl output?
Have you enabled "AUTHREQUIRED"? it appear as "authrequired" in
"enabled options" debug
What is the debug when activating "RCPTCHECK" in the rules file?
Points:
SMTPAUTH allows for remote users to RELAY email when authenticated,
OPTIONAL, not required.
AUTHREQUIRED - guess!
PS: Try to check the qmail-smtpd.c source code
void smtp_mail(char *arg)
{
...
if (needauth && !flagauthok) {
out("530 authentication needed\r\n");
logline(3, "auth needed");
if (errdisconnect) err_quit();
return;
}
/* check if we are authenticated, if yes enable relaying */
if (flagauthok && relayclient == 0)
relayclient = "";
...
}
Hyper Axe wrote:
I see. You don't have to run the make command then. :o)
Best regards,
hyperaxe
-----Original Message-----
*From:* Harindra Patel [mailto:[EMAIL PROTECTED]
*Sent:* Tuesday, May 31, 2005 2:48 PM
*To:* Harindra Patel; Andrew Ross
*Cc:* [email protected]
*Subject:* Re: SMTP AUTH problem...Very High
I am running
#!/bin/sh
QMAILDUID=`/usr/xpg4/bin/id -u qmaild`
NOFILESGID=`/usr/xpg4/bin/id -g qmaild`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
LOCAL=`head -1 /var/qmail/control/me`
exec /usr/local/bin/softlimit -m 50000000 \
/usr/local/bin/tcpserver -v -R -l "$LOCAL" -x
/etc/tcp.smtp.cdb -c "$MAXSMTPD" \
-u "$QMAILDUID" -g "$NOFILESGID" 0 smtp
/var/qmail/bin/qmail-smtpd \ /var/qmail/bin/auth_smtp
/usr/bin/true 2>&1
and creating tcp.smtp.cdb file like this::
tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp < /etc/tcp.smtp
what else i need to do?? where i need to run make command??
till i am able to send mail using command prompt.
Harindra.
----- Original Message -----
From: "Harindra Patel" <[EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>>
To: "Andrew Ross" <[EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>>
Cc: <[email protected] <mailto:[email protected]>>
Sent: Tuesday, May 31, 2005 12:11 PM
Subject: Re: SMTP AUTH problem...Very High
> Dear sir,
> Rightnow, My tcp.smtp file is like this. and my ip is belong to
first line
> 172.16.2.100.
>
> 172.16.2.:allow,RCPTCHECK="",SMTPAUTH="",LOGLEVEL="3"
>
:allow,RELAYCLIENT="",RCPTCHECK="",SMTP500DISCONNECT="",RETURNMXCHECK="",SANITYCHECK="",BLOCKRELAYPROBE="",TARPITCOUNT="20",T
> ARPITDELAY="3000",SMTPAUTH="",LOGLEVEL="3"
>
> What changes i need to do ?? tell me so outside network will not
send any
> mails without authencation.
>
> With Regards,
> Harindra.
>
> ----- Original Message -----
> From: "Andrew Ross" <[EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>>
> To: "Harindra Patel" <[EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>>
> Sent: Tuesday, May 31, 2005 11:55 AM
> Subject: Re: SMTP AUTH problem...Very High
>
>
>> Harindra Patel wrote:
>>> I have enalbled smth auth in my qmail-ldap patch.
>>
>>> I am able to send message without auth..how to resrict this
thing and
>>> that also who are sending messages in outlook without auth enable.
>>
>>> Please suggest anyone who has done same thing....i want to
smth auth so
>>> nobody can send mail without authencation.
>>
>> Check the value of RELAYCLIENT in /etc/tcp.smtp.cdb (or rather, in
>> whatever input file you use to genereate tcp.smtp.cdb).
>>
>> If RELAYCLIENT is set (doesn't matter what the value is) then
relaying is
>> enabled. This is used to allow relaying based on IP address,
particuarly
>> for internal networks.
>>
>> If RELAYCLIENT is never set, then the only way to send email
using your
>> SMTP server is either using SMTP-AUTH or if the recipient's
email address
>> belongs one one of the domains in /var/qmail/controls/rcpthosts
>>
>> This should all be documented at http://www.lifewithqmail.org/
- I suggest
>> you read it.
>>
>> Cheers
>>
>> Andrew
>>
>>
>
>
>
>
--
No virus found in this incoming message.
Checked by AVG Anti-Virus.
Version: 7.0.322 / Virus Database: 267.3.0 - Release Date: 5/30/2005
--
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.322 / Virus Database: 267.3.0 - Release Date: 5/30/2005
